Avoiding Fraud Targeting Grant Funds

Grant recipients should be aware of increasing social engineering and phishing scams. These scams aim to trick people into diverting grant funds by pretending to be contractors, suppliers, or employees. They can come as fake emails, phone calls, or invoices to get sensitive information or unauthorized payments.

How to Avoid Fraud

1. Verify All Communication: Always verify requests for payment or changes in payment details directly with the contractor or vendor. Do not rely solely on email or phone calls. Use official contact information from your contract, vendor list, or previous communications.
2. Scrutinize Emails: Be cautious of unexpected emails, especially those asking for urgent action or containing attachments or links. Check the sender’s email address carefully; it may be altered to resemble a legitimate address. Do not open attachments or click on links unless you are sure of the sender’s identity.
3. Confirm Invoice Details: Before paying, ensure invoice details--including the amount, vendor information, and bank account details--match previous communications. If anything seems off or unexpected, contact the vendor directly using trusted contact methods (not contact info on the invoice).
4. Double-Check Payment Instructions: Verify any changes to payment instructions or banking information. Contact the vendor directly through a trusted, verified method to confirm the change before making the transaction.  DO NOT use contact information provided in the suspicious communications.

What to Do if Your Organization Gets Scammed

1. Act Fast: If you believe you have fallen victim to a phishing or social engineering scam, take immediate action. The quicker you respond, the better the chances of limiting the damage.  
2. Contact Your Financial Institution: Immediately notify your bank or financial institution of any unauthorized transactions. They may be able to stop or reverse the payment.
3. Report to OSBM: As soon as you suspect fraud, notify our office at NCGrants@osbm.nc.gov. We can provide guidance and involve the State Bureau of Investigation.
4. File a Report: Report the incident to the appropriate authorities, such as local law enforcement or the FBI and follow up with your bank.

Employee Awareness is Key

It is crucial that all employees who manage grants or financial transactions know the risks of phishing scams. Employees must understand that any changes to payment details, including electronic wire transfers or banking information related to contractors, suppliers, or vendors, should never be made based solely on an email or phone call. Always verify such requests through trusted contact information, such as that provided in contracts, official vendor lists, or other secure sources. Verification helps prevent fraud and ensures the integrity of financial transactions.

Resources to Learn More 

• Federal Bureau of Investigations video: Protected Voices: Social Engineering
• The Coyle Group Insurance: What is Wire Transfer Fraud
• KTLA: Protecting yourself from wire transfer scams

Please remain vigilant and take immediate action if you suspect any fraudulent activity. Should you need any assistance or have questions, please contact us.